transparency report 2019 - ey - us...transparency report 2019: ey cyprus 6 network arrangements ey...

Click here to load reader

Post on 03-Jun-2020




0 download

Embed Size (px)


  • Transparency Report 2019: EY Cyprus 1

    Transparency Report 2019

    EY Cyprus

  • Transparency Report 2019: EY Cyprus 2

    Message from the Country Managing Partner and the EY Cyprus Assurance Leader ............................................................. 3

    About Us ............................................................................................................................................................................ 5

    Legal structure, ownership and governance..........................................................................................................................5

    Network arrangements ........................................................................................................................................................ 6

    Commitment to sustainable audit quality ............................................................................................................................. 8

    Infrastructure supporting quality .......................................................................................................................................... 8

    Instilled professional values .................................................................................................................................................. 9

    Internal quality control system .......................................................................................................................................... 10

    Client acceptance and continuance .................................................................................................................................... 11

    Performance of audits ....................................................................................................................................................... 12

    Review and consultation ................................................................................................................................................... 13

    Rotation and long association ............................................................................................................................................ 14

    Audit quality reviews ......................................................................................................................................................... 15

    External quality assurance review ...................................................................................................................................... 16

    Compliance with legal requirements ................................................................................................................................... 16

    Independence practices.................................................................................................................................................... 17

    Continuing education of audit professionals ....................................................................................................................... 19

    Revenue and remuneration .............................................................................................................................................. 20

    Financial information ........................................................................................................................................................20

    Partner remuneration ....................................................................................................................................................... 21

    Appendix 1: List of PIE audit clients ................................................................................................................................. 22

    EY Cyprus PIE audit clients ................................................................................................................................................ 22

    Appendix 2: ..................................................................................................................................................................... 23


    More information about EY can be found at

  • Transparency Report 2019: EY Cyprus 3

    Message from the Country Managing Partner and the EY Cyprus Assurance Leader

    Welcome to the 2019 Transparency Report of Ernst & Young Cyprus

    Limited (EY Cyprus). We believe that how we advance sustainable audit

    quality, manage risk and maintain our independence as auditors should

    be transparent to our stakeholders. We value regular dialogue, and this

    report is one of the ways in which we advise our stakeholders on what

    we are doing in each of these areas.

    Executing high-quality audits continues to be our top priority and is at

    the heart of our commitment to serve the public interest. It enables us to

    grow the global EY network successfully and responsibly, while achieving

    our purpose of building a better working world. Auditors play a vital role

    in the functioning of capital markets by promoting transparency and

    supporting investor confidence. Companies, regulators and other

    stakeholders count on us to deliver excellence in every engagement.

    We are focused on investing in tools to improve what we do, creating the

    highest-performing teams, and building trust and confidence in the

    audits we perform.

    EY Cyprus’ reputation is based on and grounded in providing high-quality

    professional audit services objectively and ethically to every company we


    We embrace the transparency objectives of the European Union’s 8th

    Company Law Directive and of Regulation (EU) 537/2014 of the

    European Parliament and of the Council of 16 April 2014 (EU

    537/2014), which require Cyprus statutory auditors of public interest

    entities (PIEs) to publish annual transparency reports.

    The 2019 EY Cyprus Transparency Report complies with the Directive

    and Cypriot laws, and covers the financial year ended 30 June 2019. In

    this report, you can learn more about our internal quality control

    system; how we instill professional values; how we perform an audit; our

    review and consultation processes; our approach to audit quality

    reviews; and our independence practices.

    EY Cyprus is focused on enhancing audit quality and upholding our

    independence, informed by several matters, including external and

    internal inspection results. Continuous improvement of audit quality

    requires us to challenge approaches to audit execution, and we focus on

    this by evaluating all inspection findings and taking responsive actions.

    The need for trust and confidence in financial reporting in our capital

    markets has never been greater, and auditors play an important role in

    this regard.

  • Transparency Report 2019: EY Cyprus 4

    Regular dialogue with our stakeholders remains a priority for us. We

    recognise that our Firm and others have a responsibility to put forward

    suggestions and ideas on how our profession can add value and how

    financial reporting and audit can further develop to best meet the needs

    of business, investors, regulators and the society at large.

    We encourage all our stakeholders — including our clients and their

    investors, audit committee members and regulators — to continue to

    engage with us on our strategy as well as any of the matters covered in

    this report.

    Stavros Pantzaris Andreas Avraamides

    Country Managing Partner Assurance Leader

    Ernst & Young Cyprus Limited Ernst & Young Cyprus Limited

    EY’s purpose: building a better working world

    EY is committed to doing its part in building a better working world.

    The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to stakeholders. In so doing, we play a critical role in building a better working world for our people, our clients and our communities.

  • Transparency Report 2019: EY Cyprus 5

    Legal structure, ownership and governance In Cyprus, Ernst & Young Cyprus Limited is a limited liability

    company organized in Cyprus and is a member firm of Ernst

    & Young Global Limited, a UK company limited by guarantee

    (EYG). In this report, we refer to ourselves as

    “EY Cyprus,” “we,” “us” or “our.” EY refers collectively to

    the global organization of the member firms of EYG.

    Ernst & Young Cyprus Limited is owned by Ernst & Young, a

    partnership registered in Cyprus and having as partners the

    local partners of Ernst & Young and a Cyprus registered

    entity ultimately controlled by EY Europe SCRL.

    EY Cyprus operates from two offices, one in Nicosia and one

    in Limassol. EY Cyprus’ Service Line Leaders are:

    Stavros Pantzaris – Country Managing Partner

    Andreas Avraamides – Head of Assurance Services

    Philippos Raptopoulos – Head of Tax Services

    Stelios Demetriou – Head of Transaction Advisory Services

    Charalambos Constantinou – Head of Advisory Services

    EYG member firms are grouped into three geographic

    Areas: Americas; Asia-Pacific; and Europe, Middle East,

    India and Africa (EMEIA). Japan was a separate fourth Area,

    but on 1 July 2019 became part of Asia-Pacific. The Areas

    comprise a number of Regions, which consist of member

    firms or sections of those firms.

    EY Cyprus is part of the EMEIA Area, which comprises EYG

    member firms in 97 countries in Europe, the

    Middle East, India and Africa. Within the EMEIA Area,

    there are 10 Regions.

    Ernst & Young (EMEIA) Limited (EMEIA Limited), an English

    company limited by guarantee, is the principal coordinating

    entity for the EYG member firms in the EMEIA Area. EMEIA

    Limited facilitates the coordination of these firms and

    cooperation between them, but it does not control them.

    EMEIA Limited is a member firm of EYG, has no financial

    operations and does not provide any professional services.

    Each Region elects a Regional Partner Forum (RPF), whose

    representatives advise and act as a sounding board to

    Regional leadership. The partner elected as Presiding

    Partner of the RPF also serves as the Region’s

    representative on the Global Governance Council

    (see page 6).

    In Europe, there is a holding entity, EY Europe SCRL (EY

    Europe). EY Europe is a Limited Liability Cooperative

    Company (SCRL or CVBA) incorporated in Belgium. It is an

    audit firm registered with the Institut des Reviseurs

    d’Entreprises (IRE-IBR) in Belgium, but it does not carry out

    audits or provide any professional services.

    EY Europe has been formed to replace the holding entity

    Ernst & Young Europe LLP, a UK registered audit firm, in

    order to ensure continued compliance with the EU’s

    Statutory Audit Directive after the UK will have ceased to be

    an EU Member State.

    To the extent permitted by local legal and regulatory

    requirements, EY Europe has acquired or will acquire voting

    control of the EYG member firms operating in Europe. EY

    Europe is a member firm of EYG. EY Europe acquired voting

    control of EY Cyprus as of 6 November 2010.

    The Board of Directors of EY Europe is made up of senior

    partners of EYG member firms in Europe. It has authority

    and accountability for strategy execution and management.

    About Us

  • Transparency Report 2019: EY Cyprus 6

    Network arrangements EY is a global leader in assurance, tax, transaction and

    advisory services. Worldwide, over 260,000 people in

    member firms in more than 150 countries share a

    commitment to building a better working world, united by

    shared values and an unwavering commitment to quality,

    integrity and professional scepticism. In today’s global

    market, the integrated EY approach is particularly

    important in the delivery of high-quality multinational

    audits, which can span nearly every country in the world.

    This integrated approach enables EY member firms to

    develop and draw upon the range and depth of experience

    required to perform such diverse and complex audits.

    EYG coordinates the member firms and promotes

    cooperation among them. EYG does not provide services,

    but its objectives include the promotion of exceptional high-

    quality client service by member firms worldwide. Each

    member firm is a legally distinct entity. Their obligations

    and responsibilities as members of EYG are governed by the

    regulations of EYG and various other agreements.

    The structure and principal bodies of the global

    organization, described below, reflect the principle that EY,

    as a global organization, has a common shared strategy.

    The Executive includes the Global Executive (GE), its

    committees and teams, and the leadership of the three

    (previously four) Areas. At the same time, the network

    operates on a Regional level within the Areas. This

    operating model allows for greater stakeholder focus in the

    Regions, permitting member firms to build stronger

    relationships with clients and others in each country, and be

    more responsive to local needs.

    Global Governance Council

    The Global Governance Council (GGC) is the main oversight

    body of EYG. It comprises one or more representatives from

    each Region, other member firm partners as at-large

    representatives and up to six independent non-executives

    (INEs). The Regional representatives, who otherwise do not

    hold senior management roles, are elected by their RPFs for

    a three-year term, with provision for one successive

    reappointment. The GGC advises EYG on policies,

    strategies, and the public interest aspects of its decision-

    making. The GGC approves, upon the recommendation of

    the GE, a number of matters that could affect EY.

    Independent Non-Executives

    Up to six Independent Non-Executives (INEs) are appointed

    from outside EY. The INEs are senior leaders from both the

    public and private sectors, and reflect diverse geographic

    and professional backgrounds. They bring to the global

    organization, and the GGC, the significant benefit of their

    varied perspectives and depth of knowledge. The INEs also

    form a majority of the Public Interest Sub-Committee (PIC)

    of the GGC. The role of the PIC includes public interest

    aspects of decision-making, issues raised under whistle-

    blowing policies and procedures, and stakeholder dialogue

    and engagement in quality and risk management

    discussions. The INEs are nominated by a dedicated


    Global Executive

    The Global Executive (GE) brings together EY’s leadership

    functions, services and geographies. As of 1 July 2019, it is

  • Transparency Report 2019: EY Cyprus 7

    chaired by the Chairman and CEO of EYG, and includes its

    Global Managing Partners of Client Service and Business

    Enablement; the Area Managing Partners; the global

    functional leadership for Talent; the leaders of the global

    service lines — Assurance, Advisory, Tax and Transaction

    Advisory Services (TAS); and one EYG member firm partner

    on rotation.

    The GE also includes the Chair of the Global Accounts

    Committee and the Chair of the Emerging Markets

    Committee, as well as a representative from the Emerging

    Markets practices.

    The GE and the GGC approve nominations for the Chairman

    and CEO of EYG, and ratify appointments of the Global

    Managing Partners. The GE also approves appointments of

    Global Vice Chairs. The GGC ratifies the appointments of

    any Global Vice Chair who serves as a member of the GE.

    The GE’s responsibilities include the promotion of global

    objectives and the development, approval, and, where

    relevant, implementation of:

    • Global strategies and plans

    • Common standards, methodologies and policies to be promoted within member firms

    • People initiatives, including criteria and processes for admission, evaluation, development, reward and retirement of partners

    • Quality improvement and protection programs

    • Proposals regarding regulatory matters and public policy

    • Policies and guidance relating to member firms’ service of international clients, business development, markets and branding

    • EY’s development funds and investment priorities

    • EYG’s annual financial reports and budgets

    • GGC recommendations

    The GE also has the power to mediate and adjudicate disputes between member firms.

    GE committees

    Established by the GE and bringing together representatives

    from the three (previously four) Areas, the GE committees

    are responsible for making recommendations to the GE. In

    addition to the Global Audit Committee, there are

    committees for Global Markets and Investments, Global

    Accounts, Emerging Markets, Talent, Risk Management,

    Assurance, Advisory, Tax, and TAS.

    Global Practice Group

    This group brings together the members of the GE, GE

    committees, Regional leaders and sector leaders. The

    Global Practice Group seeks to promote a common

    understanding of EY’s strategic objectives and helps drive

    consistency of execution across the organization.

    EYG member firms

    Under the regulations of EYG, member firms commit

    themselves to pursue EY’s objectives, such as the provision

    of high-quality service worldwide. To that end, the member

    firms undertake the implementation of global strategies and

    plans, and work to maintain the prescribed scope of service

    capability. They are required to comply with common

    standards, methodologies and policies, including those

    regarding audit methodology, quality and risk management,

    independence, knowledge sharing, HR, and technology.

    Above all, EYG member firms commit to conducting their

    professional practices in accordance with applicable

    professional and ethical standards, and all applicable

    requirements of law. This commitment to integrity and

    doing the right thing is underpinned by the EY Global Code

    of Conduct and EY values (see page 10).

    Besides adopting the regulations of EYG, member firms

    enter into several other agreements covering aspects of

    their membership in the EY organization, such as the right

    and obligation to use the EY name, and knowledge sharing.

    Member firms are subject to reviews to evaluate adherence

    to EYG requirements and policies governing issues, such as

    independence, quality and risk management, audit

    methodology, and HR. Member firms unable to meet quality

    commitments and other EYG membership requirements

    may be subject to separation from the EY organization.

  • Transparency Report 2019: EY Cyprus 8

    Infrastructure supporting quality

    Quality in our service lines

    Vision 2020+, which sets out EY’s purpose, ambition and

    strategy, calls for EYG member firms to provide exceptional

    service to our stakeholders worldwide. This is supported by

    an unwavering commitment to quality and service that is

    professionally and globally consistent, and means service

    that is based on objectivity, professional skepticism, and

    adherence to EY and professional standards.

    EYG member firms and their service lines are accountable

    for delivering quality engagements. EY service lines

    manage the overall process for quality reviews of completed

    engagements and input for the quality of in-process

    engagements, which helps achieve compliance with

    professional standards and EY policies.

    Vision 2020+ has reinforced the ownership of quality

    by the service lines, including audit. It has also

    resulted in increased clarity around the role of risk

    management in policies and practices that support and

    improve audit quality.

    The Global Vice Chair of Assurance coordinates member

    firms’ compliance with EY policies and procedures for

    assurance services.

    Professional Practice

    The Global Vice Chair of Professional Practice, referred to

    as the Global Professional Practice Director (PPD), is

    overseen by the Global Vice Chair of Assurance and works

    to establish global audit quality control policies and

    procedures. Each of the Area PPDs is overseen by the

    Global PPD and the related Area Assurance Leader. This

    helps provide greater assurance as to the objectivity of

    audit quality and consultation processes.

    The Global PPD also leads and oversees the Global

    Professional Practice group. This is a global network of

    technical subject matter specialists in accounting and

    auditing standards, who consult on accounting, auditing and

    financial reporting matters, and perform various practice

    monitoring and risk management activities.

    In Cyprus, the local PPD is overseen by the Regional PPD

    who is in turn overseen by the Area PPD.

    The Global PPD oversees development of the EY Global

    Audit Methodology (EY GAM) and related technologies so

    that they are consistent with relevant professional

    standards and regulatory requirements. The Global

    Professional Practice group also oversees the development

    of the guidance, training and monitoring programs and

    processes used by member firm professionals to execute

    audits consistently and effectively. The Global, Area and

    Regional PPDs, together with other professionals who work

    with them in each member firm, are knowledgeable about

    EY people, clients and processes, and they are readily

    accessible for consultation with audit engagement teams.

    Additional resources often augment the Global Professional

    Practice group, including networks of professionals focused


    • Internal-control reporting and related aspects of the EY audit methodology

    • Accounting, auditing and risk issues for specific industries and sectors

    • Event-specific issues involving areas of civil and political unrest; or sovereign debt and related accounting, auditing, reporting and disclosure implications

    • General engagement matters and how to work effectively with audit committees

    Risk management

    Responsibility for high-quality service and ownership of the

    risks associated with quality is placed with the member

    firms and their service lines. Among other things, the

    Global Risk Management Leader helps oversee the

    management of these risks by the member firms, as well as

    other risks across the organization as part of the broader

    Enterprise Risk Management framework.

    Member firm partners are appointed to lead risk

    management initiatives (supported by other staff and

    professionals) within member firms, including coordinating

    with the service lines on such matters. The Global Risk

    Management Leader is responsible for establishing globally

    consistent risk management execution priorities and

    enterprise-wide risk management.

    These priorities cascade to member firms, and their

    execution is monitored through an Enterprise Risk

    Management program.

    Commitment to sustainable audit quality

  • Transparency Report 2019: EY Cyprus 9

    Global Confidentiality Policy

    Protecting confidential information is ingrained in the

    everyday activities of EYG member firms. Respect for

    intellectual capital and all other sensitive and restricted

    information is required by the EY Global Code of Conduct,

    which provides a clear set of principles to guide the

    behaviors expected of all EY people. The Global

    Confidentiality Policy further details this approach to

    protecting information and reflects the ever-increasing use

    of restricted data. This policy provides added clarity for EY

    people and forms the fundamental element of broader

    guidance that includes key policies on conflicts of interest,

    personal data privacy and records retention. Other

    guidance includes:

    • Social media guidance

    • Information-handling requirements

    In addition, the global policy on Reporting Fraud, Illegal Acts and Other Non-compliance with Laws, Regulations and EY’s Code of Conduct require EY professionals to speak up on seeing any behavior that is believed to be a violation of applicable law or regulation, applicable standard or EY’s Global Code of Conduct. This includes the unauthorized or improper disclosure of confidential information.

    Furthermore, the global policy on Personal Data Protection

    supports and builds upon provisions within the EY Global

    Code of Conduct regarding respecting and protecting

    personal information, in accordance with local law and

    professional standards, and was recently updated to comply

    with the EU General Data Protection Regulation (GDPR).


    Managing the risk of major and complex cybersecurity attacks is a part of doing business for all organizations. While no systems are immune from the threat of cyber attacks, EY Cyprus is vigilant in the steps it takes to secure and protect client data. The EY approach to cybersecurity is proactive and includes the implementation of technologies and processes necessary to manage and minimize cybersecurity risks globally. EY information security and data privacy programs, consistent with industry practices and applicable legal requirements, are designed to protect against unauthorized disclosure of data. There is a dedicated team of internal and external cybersecurity specialists who actively monitor and defend EY systems.

    Beyond technical and process controls, all EY people are required to affirm in writing their understanding of the principles contained in the EY Global Code of Conduct and their commitment to abide by them, and to participate in an annual security awareness learning activity. There are various policies outlining the due care that must be taken with technology and data, including, but not limited to, the Global Information Security Policy, and a global policy on the Acceptable Use of Technology. EY cybersecurity policies and processes recognize the importance of timely communication. EY people receive regular and periodic communications reminding them of their responsibilities on these policies and general security awareness practice.

    Components of the audit quality control program

    In the following sections, we describe the principal

    components of the audit quality control program, which EY

    Cyprus follows:

    • Instilled professional values

    • Internal quality control system

    • Client acceptance and continuance

    • Performance of audits

    • Review and consultation

    • Rotation and long association

    • Audit quality reviews

    • External quality assurance reviews

    • Compliance with legal requirements

    Instilled professional values

    Sustainable Audit Quality

    Quality is the foundation of our work and central to EY’s

    responsibility to provide confidence to the capital markets.

    This is reflected in the Sustainable Audit Quality (SAQ)

    program, which continues to be the highest priority for EY

    Assurance practices.

    SAQ establishes a strong governance structure that enables

    each member firm to provide high-quality audits. It is

    implemented locally, and coordinated and overseen globally.

    The word “sustainable” in SAQ is used to demonstrate that

    this is not a one-off, short-term initiative, but an ongoing

    process of improvement.

    There are six SAQ pillars: tone at the top, people

    capabilities, simplification and innovation, audit technology

    and digital, enablement and quality support, and

    accountability. The pillars are supported by a foundation of

    serving the public interest.

    Significant progress has been made through SAQ. EY’s internal and external inspection findings globally are improving, and there is greater consistency in execution. EY has deployed world-class technological tools that enhance the quality and value of EY audits, including the EY Canvas online audit platform, the EY Helix analytics platform and the EY Atlas research platform.

    A key feature of EY Canvas is the Client Portal, which enables clients to communicate with audit teams and confirm what information auditors have requested and whether that information has been provided. EY Canvas also facilitates the use of the Milestones project management program, which helps audit teams keep on track and highlights potential matters to be addressed during the audit process.

    When Milestones is combined with the EY Client Portal, engagement teams have more time to focus, to be curious and to be skeptical. As a result, audit quality is enhanced.

    Other recent SAQ initiatives include: a new approach to pictorially depict a company’s internal controls and processes; the Personal Workload Tool, which reviews personal responsibilities and assesses whether there is sufficient time to execute high-quality audits; Purpose-Led Outcome Thinking (PLOT), a framework that focuses on the

  • Transparency Report 2019: EY Cyprus 10

    behaviors that drive high quality audits: and Key Findings Review, which helps coach our teams.

    There are also a network of Quality Enablement Leaders (QELs), an overall Global Audit Quality Committee and a Culture and Behaviors Taskforce. They help us in executing and reviewing root-cause analysis and understanding the impact of our initiatives in driving quality outcomes, better behaviors and a continuous improvement mindset.

    Audit quality is something that every team member must

    understand and be committed to implementing locally. SAQ

    is essential to all our goals and ambitions, and each

    Regional and Area leader has oversight of the efforts to

    achieve those goals.

    The SAQ infrastructure demonstrates that audit quality is the single most important factor in our decision-making and the key measure on which our professional reputation stands.

    Tone at the top

    EY Cyprus leadership is responsible for setting the right

    tone at the top and demonstrating EY’s commitment to

    building a better working world through behavior and

    actions. While the tone at the top is vital, our people also

    understand that quality and professional responsibility start

    with them. Our shared values, which inspire our people and

    guide them to do the right thing, and our commitment to

    quality are embedded in who we are and in everything

    we do.

    The EY approach to business ethics and integrity is

    contained in the EY Global Code of Conduct and other

    policies, and is embedded in the EY culture of consultation,

    training programs and internal communications. Senior

    management regularly reinforces the importance of

    performing quality work, complying with professional

    standards, adhering to our policies, leading by example and

    through various communications. Also, EY’s quality review

    programs assess professional service as a key metric in

    evaluating and rewarding all professionals.

    The EY culture strongly supports collaboration and places

    special emphasis on the importance of consultation in

    dealing with complex or subjective accounting, auditing,

    reporting, regulatory and independence matters. We believe

    it is important to determine that engagement teams and

    clients correctly follow consultation advice, and we

    emphasize this when necessary.

    Code of Conduct

    We promote a culture of integrity among our professionals.

    The EY Global Code of Conduct provides a clear set of

    principles that guide our actions and our business conduct

    and are to be followed by all EY personnel. The EY Global

    Code of Conduct is divided into five categories:

    • Working with one another

    • Working with clients and others

    • Acting with professional integrity

    • Maintaining our objectivity and independence

    • Respecting intellectual capital

    Through our procedures to monitor compliance with

    the EY Global Code of Conduct and through frequent

    communications, we strive to create an environment that

    encourages all personnel to act responsibly, including

    reporting misconduct without fear of retaliation.

    The EY Ethics Hotline provides our people, clients and

    others outside of the organization with a means to

    confidentially report activity that may involve unethical or

    improper behavior and that may be in violation of

    professional standards or otherwise inconsistent with the

    EY Global Code of Conduct. The hotline is operated by an

    external organization that provides confidential and, if

    desired, anonymous hotline reporting services worldwide.

    When a report comes into the EY Ethics Hotline, either by

    phone or internet, it receives prompt attention. Depending

    on the content of the report, appropriate individuals from

    Risk Management, Talent, Legal or other functions are

    involved to address the report. The same procedures are

    followed for matters that are reported outside of the EY

    Ethics Hotline.

    Internal quality control system


    EY Cyprus’ reputation for providing high-quality

    professional audit services independently, objectively and

    ethically is fundamental to our success as independent

    auditors. We continue to invest in initiatives to promote

    enhanced objectivity, independence and professional

    skepticism. These are fundamental attributes of a

    high-quality audit.

    At EY Cyprus, our role as auditors is to provide assurance

    on the fair presentation of the financial statements of the

    companies we audit. We bring together qualified teams to

    The consistent stance of EY Cyprus has been that no

    client is more important than our professional

    reputation — the reputation of EY Cyprus and the

    reputation of each of our professionals.

    Our values: who we are

    People who demonstrate integrity, respect and teaming

    People with energy, enthusiasm and the courage to lead

    People who build relationships based on doing the right thing

  • Transparency Report 2019: EY Cyprus 11

    provide our services, drawing on our broad experience

    across industry sectors and services. We continually strive

    to improve our quality and risk management processes so

    that the quality of our service is at a consistently high level.

    We recognize that in today’s environment — characterized

    by continuing globalization, the rapid movement of capital

    and the impact of technology changes — the quality of our

    audit services has never been more important. As part of

    EY Vision 2020+, we continue to invest heavily in

    developing and maintaining our audit methodology, tools

    and other resources needed to support quality service.

    While the market and stakeholders continue to demand

    high-quality audits, they also demand increasingly effective

    and efficient delivery of audit services. In addition to the

    investments mentioned, EY continues to seek ways to

    improve the effectiveness and efficiency of its audit

    methodology and processes, while improving audit quality.

    We work to understand where our audit quality may not be

    up to our own expectations and those of stakeholders,

    including independent audit regulators. We seek to learn

    from external and internal inspection activities and to

    identify root causes of adverse quality occurrences to

    enable us continually to improve audit quality. We believe

    that taking effective and appropriate actions to improve

    quality is important.

    Effectiveness of the quality control system

    EY has designed and implemented a comprehensive set of

    global audit quality control policies and practices. These

    policies and practices meet the requirements of the

    International Standards on Quality Control issued by the

    International Auditing and Assurance Standards Board

    (IAASB). EY Cyprus has adopted these global policies and

    procedures, and has supplemented them as necessary to

    comply with local laws and regulatory/professional

    guidelines, and to address specific business needs.

    We also execute the EY Audit Quality Review (AQR) program

    to evaluate whether our system of audit quality control has

    operated effectively so as to provide reasonable assurance

    that EY Cyprus and our people comply with applicable

    professional standards, internal policies and regulatory


    The results of the AQR program and external inspections

    are evaluated and communicated within EY Cyprus to

    provide the basis for continual improvement in audit quality,

    consistent with the highest standards in the profession.

    The GE has oversight of the implementation of quality

    improvement. As such, it reviews the results of the internal

    AQR program and external audit firm regulatory reviews,

    as well as any key actions designed to address areas

    for improvement.

    The recent results of such monitoring, together with

    feedback from independent audit regulators as well as

    additional local procedures that we performed, provide EY

    Cyprus with a basis to conclude that our internal control

    systems are designed appropriately and are operating


    Client acceptance and continuance

    EY policy

    The EY global policy on Client and Engagement Acceptance

    sets out principles for member firms to determine whether

    to accept a new client or a new engagement, or to continue

    with an existing client or engagement. These principles are

    fundamental to maintaining quality, managing risk,

    protecting our people and meeting regulatory

    requirements. The objectives of the policy are to:

    • Establish a rigorous process for evaluating risk and making decisions to accept or continue clients or engagements

    • Meet applicable independence requirements

    • Identify and deal appropriately with any conflicts of interest

    • Identify and decline clients or engagements that pose excessive risk

    • Require consultation with designated professionals to identify additional risk management procedures for specific high-risk factors

    • Comply with legal, regulatory and professional requirements

    In addition, the EY global policy on conflicts of interest

    defines global standards for addressing categories of

    potential conflicts of interest and a process for identifying

    them. It also includes provisions for managing potential

    conflicts of interest as quickly and efficiently as possible

    using appropriate safeguards. Such safeguards may include

    obtaining client consent to act for another party where a

    conflict of interest may exist, establishing separate

    engagement teams to act for two or more parties,

    implementing “Chinese Walls” between engagement teams

    or declining an engagement to avoid an identified conflict.

    The EY global policy on Conflicts of Interest and associated

    guidance take into account the increasing complexity of

    engagements and client relationships, and the need for

    speed and accuracy in responding to clients. They also align

    with the latest International Ethics Standards Board for

    Accountants (IESBA) standards.

    Putting policy into practice

    We use the EY Process for Acceptance of Clients and

    Engagements (PACE), an intranet—based system, for

    efficiently coordinating client and engagement acceptance

    and continuance activities in line with global, service line

    and member firm policies. PACE takes users through the

    acceptance and continuance requirements, and identifies

    the policies and references to professional standards

    needed to assess both business opportunities and

    associated risks.

    As part of this process, we carefully consider the risk

    characteristics of a prospective company or engagement

    and the results of several due diligence procedures. Before

    we take on a new engagement or company, we determine

    whether we can commit sufficient resources to deliver

  • Transparency Report 2019: EY Cyprus 12

    quality service, especially in highly technical areas, and if

    the services the client wants are appropriate for us to

    provide. The approval process is rigorous, and no new audit

    engagement may be accepted without the approval of

    Regional or local PPD.

    In the EY annual client and engagement continuance

    process, we review our service and ability to continue to

    provide a quality service, and confirm that companies we

    serve share EY Cyprus’ commitment to quality and

    transparency in financial reporting. The partner in charge of

    each audit, together with our Assurance leadership,

    annually reviews our relationship with the audit client to

    determine whether continuance is appropriate.

    As a result of this review, certain audit engagements are

    identified as requiring additional oversight procedures

    during the audit (close monitoring), and some audit clients

    are discontinued. As with the client acceptance process, our

    Regional PPD is involved in the client continuance process

    and must agree with the continuance decisions.

    Decisions about acceptance or continuance of clients and

    engagements consider the engagement team’s assessment

    of whether the company’s management may pressure us to

    accept inappropriate accounting, auditing and reporting

    conclusions to undermine quality. Considerations and

    conclusions on the integrity of management are essential

    to acceptance and continuance decisions.

    Performance of audits There has been significant investment in EY in improving

    audit methodologies and tools, with the goal of performing

    the highest-quality audits in the profession. This investment

    reflects EY’s commitment to building trust and confidence

    in the capital markets and in economies the world over.

    Audit methodology

    EY GAM provides a global framework for delivering high-

    quality audit services through the consistent application of

    thought processes, judgments and procedures in all audit

    engagements, regardless of size. EY GAM also requires

    compliance with relevant ethical requirements, including

    independence from the entity we audit. Making risk

    assessments, reconsidering and modifying them as

    appropriate, and using these assessments to determine the

    nature, timing and extent of audit procedures are

    fundamental to EY GAM. The methodology also emphasizes

    applying appropriate professional skepticism in the

    execution of audit procedures. EY GAM is based on

    International Standards on Auditing (ISAs) and is

    supplemented in Cyprus to comply with the local regulatory

    or statutory and professional requirements.

    Using an online tool, EY Atlas, an EY auditor is presented

    with a version of EY GAM organized by topic and designed

    to focus the audit strategy on the financial statement risks,

    and the design and execution of the appropriate audit

    response to those risks. EY GAM consists of two key

    components: requirements and guidance, and supporting

    forms and examples. The requirements and guidance reflect

    both auditing standards and EY policies. The forms and

    examples include leading practice illustrations, and assist in

    performing and documenting audit procedures.

    EY GAM can be “profiled” or tailored to present the relevant

    requirements and guidance, depending on the nature of the

    entity being audited — e.g., there are profiles for public

    interest entities and for those considered non-complex

    entities. Enhancements to the audit methodology are made

    regularly to address new standards, emerging auditing

    issues and matters, implementation experiences, and

    external and internal inspection results. In addition, we

    monitor current and emerging developments, and issue

    timely audit planning and execution communications that

    emphasize areas noted during inspections as well as other

    key topics of interest to our local audit regulator (or

    regulators) and the International Forum of Independent

    Audit Regulators (IFIAR). Specifically, we are preparing for

    the implementation of ISA 540 (Revised), Auditing

    Accounting Estimates and Related Disclosures (effective for

    audits of periods beginning on or after 15 December 2019),

    by raising awareness of the requirements of the new

    standard and providing reminders on performing risk

    assessment procedures specific to the audit of accounting

    estimates, and designing and performing audit procedures

    responsive to those risks.


    Our audit engagement teams use technology to assist in

    executing and documenting the work performed in

    accordance with EY GAM.

    EY Canvas, the global EY audit platform, lies at the heart of

    the audit and enables us to provide a high-quality audit. EY

    Canvas is built using state-of-the-art technology for web

    applications. This allows us to provide data security and to

    evolve our software to respond to changes in the

    accounting profession and regulatory environment.

    Through the use of profile questions, audit engagements in

    EY Canvas are automatically configured with information

    relevant to an entity’s listing requirements and industry.

    This helps to keep our audit plans customized and up-to-

    date, and provides direct linkage to our audit guidance,

    professional standards and documentation templates. EY

    Canvas is built with a user interface that allows the team to

    visualize risks and their relationship to the planned

    response and work performed in key areas. It also enables a

    linkage for our group audit teams to communicate inter-

    office risks and instructions so that the primary audit team

    can direct execution and monitor performance of the

    group audit.

    EY Canvas includes a Client Portal to assist teams in

    communicating with clients and streamlining their client

    requests. Mobile applications are integrated with EY Canvas

    to help our people in their audit work — e.g.,, in monitoring

    the status of the audit, capturing audit evidence securely

    and performing inventory observations.

    Audit engagement teams use other applications, data

    analyzers and forms during various phases of an audit to

    assist in executing procedures, making and documenting

  • Transparency Report 2019: EY Cyprus 13

    audit conclusions, and performing analysis. This includes EY

    Smart Automation, a collection of applications that are

    being developed and deployed globally through EY Canvas

    to digitally enable EY audit professionals in executing audit

    procedures and processes.

    At EY, we are making data analysis integral to our audits.

    Our use of data and analysis is not about additive

    procedures or visualizations. It is about taking large

    populations of company data, and applying our globally

    consistent technology (EY Helix) and methodology (EY

    GAM) to audit that data.

    EY Helix is a library of data analyzers for use in audits.

    These data analyzers are transforming the audit through

    the analysis of larger populations of audit-relevant data,

    identifying unseen patterns and trends in that data, and

    helping to direct our audit efforts. The use of data analytics

    also allows us to obtain better perspectives, richer insights

    and a deeper understanding of transactions and areas of


    EY is deploying data analyzers to analyze the business

    operating cycles of the companies that we audit, supported

    by analytics-based audit programs to aid the application of

    these data analyzers.

    Using the EY Helix library of data analyzers, our

    engagement teams can enhance their audit risk

    assessment, enabling the audit of higher-risk transactions,

    and assisting our people in asking better questions about

    audit findings and evaluating the outcomes.

    EY Atlas is a global technology platform that enables our

    auditors to access the latest accounting and auditing

    content, including external standards, EY interpretations

    and thought leadership.

    Formation of audit engagement teams

    EY Cyprus policies require an annual review of partner

    assignments by our Assurance leadership and Regional

    PPD. This is carried out to make sure that the professionals

    leading listed-company audits possess the appropriate

    competencies (i.e., the knowledge, skills and abilities) to

    fulfill their engagement responsibilities, and are in

    compliance with applicable auditor rotation regulations.

    The assignment of professionals to an audit engagement is

    also made under the direction of our Assurance leadership.

    Factors considered when assigning people to audit teams

    include engagement size and complexity, specialized

    industry knowledge and experience, timing of work,

    continuity, and opportunities for on-the-job training. For

    more complex engagements, consideration is given to

    whether specialized or additional expertise is needed to

    supplement or enhance the audit engagement team.

    In many situations, internal specialists are assigned as part

    of the audit engagement team to assist in performing audit

    procedures and obtaining appropriate audit evidence. These

    professionals are used in situations requiring special skills

    or knowledge, such as information systems, asset valuation

    and actuarial analysis.

    Review and consultation

    Reviews of audit work

    EY policies describe the requirements for timely and direct

    senior professional participation, as well as the level of

    review required for the work performed. Supervisory

    members of an audit engagement team perform a detailed

    review of the audit documentation for accuracy and

    completeness. Senior audit executives and engagement

    partners perform a second-level review to determine

    adequacy of the audit work as a whole, and the related

    accounting and financial statement presentation. A tax

    professional reviews the significant tax and other relevant

    working papers. For public interest entities and certain

    other companies, an engagement quality reviewer

    (described below) reviews important areas of accounting,

    financial reporting and audit execution, as well as the

    financial statements of the company we audit and our

    auditor’s report.

    The nature, timing and extent of the reviews of audit work

    depend on many factors, including:

    • The risk, materiality, subjectivity and complexity of the subject matter

    • The ability and experience of the audit team members preparing the audit documentation

    • The level of the reviewer’s direct participation in the audit work

    • The extent of consultation employed

    Our policies also describe the roles and responsibilities of

    each audit engagement team member for managing,

    directing and supervising the audit, as well as the

    requirements for documenting their work and conclusions.

    Consultation requirements

    EY consultation policies are built upon a culture of

    collaboration, whereby audit professionals are encouraged

    to share perspectives on complex accounting, auditing and

    reporting issues. Consultation requirements and related

    policies are designed to involve the right resources so that

    audit teams reach appropriate conclusions.

    For complex and sensitive matters, we have a formal

    process requiring consultation outside of the audit

    engagement team with other personnel who have more

    experience or specialized knowledge, primarily Professional

    Practice and Independence personnel. In the interests of

    objectivity and professional scepticism, our policies require

    members of Professional Practice, Independence and

    certain others to withdraw from a consultation if they

    currently serve, or have recently served, the client to which

    the consultation relates. In this circumstance, other

    appropriate individuals would be assigned.

    Consultation is built into the decision-making process;

    it is not just a process to provide advice.

  • Transparency Report 2019: EY Cyprus 14

    EY policies also require that all consultations are

    documented, including written concurrence from the person

    or persons consulted, to demonstrate their understanding

    of the matter and its resolution.

    Engagement quality reviews

    Engagement quality reviews are performed by audit

    partners in compliance with professional standards for

    audits of all public interest entities and those considered to

    need close monitoring. Engagement quality reviewers are

    experienced professionals with significant subject matter

    knowledge. They are independent of the engagement team

    and able to provide objective evaluation of significant

    accounting, auditing and reporting matters. In no

    circumstances may the responsibility of the engagement

    quality reviewer be delegated to another individual.

    The engagement quality review spans the entire

    engagement cycle, including planning, risk assessment,

    audit strategy and execution. Policies and procedures for

    the performance and documentation of engagement quality

    reviews provide specific guidelines on the nature, timing

    and extent of the procedures to be performed, and the

    required documentation evidencing their completion. Our

    Regional PPD approves all engagement quality review


    Audit engagement team resolution process for differences of professional opinion

    EY has a collaborative culture that encourages and expects

    people to speak up, without fear of reprisal, if a difference

    of professional opinion arises or if they are uncomfortable

    about a matter relating to a client engagement. Policies

    and procedures are designed to empower members of an

    audit engagement team to raise any disagreements relating

    to significant accounting, auditing or reporting matters.

    These policies are made clear to people as they join EY, and

    we continue to promote a culture that reinforces a person’s

    responsibility and authority to make their own views heard,

    and seek out the views of others.

    Differences of professional opinion that arise during an

    audit are generally resolved at the audit engagement team

    level. However, if any person involved in the discussion of an

    issue is not satisfied with the decision, they refer it to the

    next level of authority until agreement is reached or a final

    decision is made.

    Furthermore, if the engagement quality reviewer makes

    recommendations that the engagement partner does not

    accept or the matter is not resolved to the reviewer’s

    satisfaction, the auditor’s report is not issued until the

    matter is resolved. EY policies require documentation of

    disagreements and their resolution.

    Rotation and long association EY supports mandatory audit partner rotation to help

    reinforce auditor independence. EY Cyprus complies with

    the audit partner rotation requirements of the IESBA Code,

    Regulation (EU) 537/2014 of the European Parliament and

    of the Counsel of 16 April 2014 (EU 537/2014), the

    Cyprus’ regulator, as well as the U.S. Securities and

    Exchange Commission (SEC), where required. EY Cyprus

    supports audit partner rotation because it provides a fresh

    perspective and promotes independence from company

    management, while retaining expertise and knowledge of

    the business. Audit partner rotation, combined with

    independence requirements, enhanced systems of internal

    quality controls and independent audit oversight, helps

    strengthen independence and objectivity, and are important

    safeguards of audit quality.

    Article 17 of the EU Audit Regulation No 537/2014

    requires public interest entities to rotate their lead

    engagement partner/signing auditor (and in cases of groups

    of the material subsidiaries) and their engagement quality

    reviewer after seven years. In addition, according to local

    regulations for public interest entities, the lead engagement

    partner/signing auditor (and in cases of groups of the

    material subsidiaries) and their engagement quality

    reviewer may serve up to ten years in a combination of

    manager and partner ranks (always subject to the seven

    years rule above). Following rotation, the lead audit

    engagement partner/signing auditor (and in cases of groups

    of the material subsidiaries) and engagement quality

    reviewer may not resume such roles until at least three

    years have elapsed.

    For PIEs, the EY Global Independence Policy requires the

    lead engagement partner, the engagement quality reviewer

    and other audit partners who make key decisions or

    judgments on matters significant to the audit, including

    audit engagement partner/signing auditor of material

    subsidiaries (together, the “key audit partners”) to be

    rotated after seven years. For a new PIE (including a newly

    listed company), key audit partners may remain in place for

    an additional two years before rotating off the team if they

    have served the company for six or more years prior to the


    Upon completing the maximum service period for rotation,

    a key audit partner may not lead or coordinate professional

    services to the PIE audit client until after completing a

    cooling-off period. For audit periods beginning prior to 15

    December 2023, this period is three years for a lead audit

    engagement partner, three years for an engagement quality

    reviewer, and two years for other partners subject to

    rotation. For audit periods beginning after 15 December

    2023, this period is five years for a lead audit engagement

    partner, three years for an engagement quality reviewer,

    and two years for other partners subject to rotation.

    In addition to the audit partner rotation requirements

    applicable to PIE audit clients, EY has established a long

    association safeguards framework that, consistent with the

    requirements of the IESBA Code and Article 17 of

    537/2014, includes consideration of the threats to

    independence created by involvement of professionals over

    a long period of time on an audit and a safeguards

    framework to address such threats.

    We employ tools to effectively monitor compliance with

    internal rotation and requirements for audit partners and

  • Transparency Report 2019: EY Cyprus 15

    other professionals who have had long association with the

    audit client as well as gradual rotation. There is also a

    process for rotation planning and decision-making that

    involves consultation with, and approvals by, our

    Professional Practice and Independence Professionals.

    External rotation

    For public interest entities we comply with the external

    rotation requirements of Art. 17 (1) to (6) of the EU Audit

    Regulation; in accordance with local regulations the rotation

    requirement for banks is nine years without extension.

    Audit quality reviews The EY Global AQR program is the cornerstone of the EY

    process to monitor audit quality. EY Cyprus executes the

    Global AQR program, reports results and develops

    responsive actions plans. The primary goal of the program

    is to determine whether systems of quality controls,

    including those of EY Cyprus, are appropriately designed

    and followed in the execution of audit engagements to

    provide reasonable assurance of compliance with policies

    and procedures, professional standards, and regulatory

    requirements. The Global AQR program complies with

    guidelines in the International Standard on Quality Control

    (ISQC) 1, as amended, and is supplemented where

    necessary to comply with Cyprus professional standards

    and regulatory requirements. It also aids EY Cyprus’

    continual efforts to identify areas where we

    can improve our performance or enhance our policies

    and procedures.

    Executed annually, the program is coordinated and

    monitored by representatives of the Global PPD network,

    with oversight by Global Assurance leadership.

    The engagements reviewed each year are selected on a risk-

    based approach, emphasizing audit engagements that are

    large, complex or of significant public interest, including

    elements of unpredictability. The Global AQR program

    includes detailed risk-focused file reviews covering a large

    sample of listed and non-listed audit engagements, and

    public interest entities and non-public interest entities, to

    measure compliance with internal policies and procedures,

    EY GAM requirements, and relevant local professional

    standards and regulatory requirements. It also includes

    reviews of a sample of non-audit engagements. These

    measure compliance with the relevant professional

    standards, and internal policies and procedures that should

    be applied in executing non-audit services. In addition,

    practice-level reviews are performed to assess compliance

    with quality control policies and procedures in the

    functional areas set out in ISQC 1.

    The Global AQR program complements external practice

    monitoring and inspection activities, such as inspection

    programs executed by audit regulators and external peer


    AQR reviewers and team leaders are selected for their skills

    and professional competence in accounting and auditing, as

    well as their industry specialization; they often work in the

    Global AQR program for a number of years and are highly

    skilled in the execution of the program. Team leaders and

    reviewers are assigned to inspections outside of their home

    location and are independent of the audit teams reviewed.

    The results of the Global AQR program, external practice monitoring and inspection activities are evaluated and communicated to improve quality. Any quality improvement plans describe the follow-up actions to be taken, the people responsible, the timetable and deadlines, and sign-off on completed actions. Measures to resolve audit quality matters noted from the Global AQR program, regulatory inspections and peer reviews are addressed by Assurance leadership and our PPD. The actions are monitored by our PPD and Assurance leadership. These programs provide important practice monitoring feedback for our continuing quality improvement efforts.

  • Transparency Report 2019: EY Cyprus 16

    External quality assurance review EY Cyprus’ audit practices and our registered statutory

    auditors are subject to annual inspection by the Cyprus

    Public Audit Oversight Board (CyPAOB – Regulator) and by

    the Institute of Certified Public Accountants of Cyprus

    (ICPAC – Professional Body). As part of their inspections,

    both the Regulator and the Professional Body evaluate

    quality control systems and review selected engagements.

    CyPAOB inspects firm-wide controls and PIE audit files while

    ICPAC inspects non-PIE audit files.

    The last quality assurance inspection carried out by the

    CyPAOB on firm-wide controls took place in February – April

    2019 and on PIE engagement review in November 2018.

    The final report on the firm wide inspection has not yet

    been issued. The final report on the engagement review was

    issued on 20 May 2019.

    The last monitoring visit carried out by ICPAC took place in

    2015 and the final report was issued on 25 April 2016.

    We respect and benefit from the CyPAOB and the ICPAC

    inspection process and remain committed to continuing our

    close and constructive dialogue with them. We thoroughly

    evaluate points raised during the inspection in order to

    identify areas where we can improve audit quality. Together

    with the AQR process, external inspections aid us in making

    our audits and related control processes of the highest

    quality in the interests of our clients’ investors and other


    Information on the above-mentioned regulator (CyPAOB)

    and Professional Body (ICPAC) can be found at and respectively.

    Compliance with legal requirements The EY Global Code of Conduct provides a clear set of

    standards that guide our actions and business conduct.

    EY Cyprus complies with applicable laws and regulations,

    and EY’s values underpin our commitment to doing the

    right thing. This important commitment is supported by a

    number of policies and procedures, explained in the

    paragraphs below.


    The EY Global Anti-bribery Policy provides EY people with

    direction around certain unethical and illegal activities. It

    emphasizes the obligation to comply with anti-bribery laws

    and provides greater definition of what constitutes bribery.

    It also identifies reporting responsibilities when bribery is

    discovered. In recognition of the growing global impact of

    bribery and corruption, efforts have been increased to

    embed anti-bribery measures across EY.

    Insider trading

    The EY Global Insider Trading Policy reaffirms the obligation

    of our people not to trade in securities with insider

    information, provides detail on what constitutes insider

    information and identifies with whom our people should

    consult if they have questions regarding their


    Trade sanctions

    It is important that we are aware of the ever-changing

    situation with respect to international trade sanctions. EY

    monitors sanctions issued in multiple geographies and

    provides guidance to EY people on impacted activities.

    Data privacy

    The EY Global Personal Data Privacy Policy, revised and

    reissued in 2018, sets out the principles to be applied to the

    collection, use and protection of personal data, including

    that relating to current, past and prospective personnel,

    clients, suppliers, and business associates. This policy is

    consistent with the strict requirements of the European

    Union’s General Data Protection Regulation and other

    applicable laws and regulations concerning data protection

    and privacy. EY also has Binding Corporate Rules approved

    by EU regulators in place to facilitate the movement of

    personal data within the EY network. Furthermore, we have

    a policy to address our specific Cyprus data privacy

    requirements and business needs.

    Document retention

    EY Cyprus’ record retention policy applies to all

    engagements and personnel. This policy addresses

    document preservation whenever any person becomes

    aware of any actual or reasonably anticipated claim,

    litigation, investigation, subpoena or other government

    proceeding involving us or one of our clients that may relate

    to our work. It also addresses Cyprus legal requirements

    applicable to the creation and maintenance of working

    papers relevant to the work performed.

  • Transparency Report 2019: EY Cyprus 17

    The EY Global Independence Policy requires EY Cyprus and

    our people to comply with the independence standards

    applicable to specific engagements, including, e.g., the

    IESBA Code of Ethics of the IESBA of the International

    Federation of Accountants (IFAC) which has been adopted

    by the Institute of Certified Public Accountants of Cyprus


    We consider and evaluate independence with regard to

    various aspects, including our financial relationships and

    those of our people; employment relationships; business

    relationships; the permissibility of services we provide to

    audit clients; applicable firm and partner rotation

    requirements; fee arrangements; audit committee pre-

    approval, where applicable; and partner remuneration and


    EY Cyprus has implemented EY’s global applications, tools

    and processes to support us, our professionals and other

    employees in complying with independence policies.

    EY Global Independence Policy

    The EY Global Independence Policy contains the

    independence requirements for member firms,

    professionals and other personnel. It is a robust policy

    predicated on the IESBA Code and supplemented by more

    stringent requirements in jurisdictions where prescribed by

    the local legislative body, regulator or standard setting

    body. The policy also contains guidance designed to

    facilitate an understanding and the application of the

    independence rules. The EY Global Independence Policy is

    readily accessible and easily searchable on the EY intranet.

    Global Independence System (GIS)

    The GIS is an intranet-based tool that helps EY professionals

    identify the entities from which independence is required

    and the independence restrictions that apply. Most often,

    these are listed audit clients and their affiliates, but they

    can also be other types of attest or assurance clients. The

    tool includes family-tree data relating to affiliates of listed

    audit clients and is updated by client-serving engagement

    teams. The entity data includes notations that indicate the

    independence rules that apply to each entity, helping our

    people determine the type of services that can be provided,

    or other interests or relationships that can be entered into.

    Global Monitoring System (GMS)

    The GMS is another important global tool that assists in

    identifying proscribed securities and other impermissible

    financial interests. Professionals ranked as manager and

    above are required to enter details about all securities they

    hold, or those held by their immediate family, into the GMS.

    When a proscribed security is entered or if a security they

    hold becomes proscribed, professionals receive a notice and

    are required to dispose of the security. Identified exceptions

    are reported through the Global Independence Incident

    Reporting System (GIIRS) for regulatory matters.

    GMS also facilitates annual and quarterly confirmation of

    compliance with independence policies, as described below.

    Independence compliance

    EY has established a number of processes and programs

    aimed at monitoring the compliance with independence

    requirements of EY member firms and their people. These

    include the following activities, programs and processes.

    Independence confirmations

    Annually, EY Cyprus is included in an Area-wide process to

    confirm compliance with the EY Global Independence Policy

    and process requirements, and to report identified

    exceptions, if any.

    All EY professionals, and certain others, based on their role

    or function, are required to confirm compliance with

    independence policies and procedures at least once a year.

    All partners are required to confirm compliance quarterly.

    Independence compliance reviews

    EY conducts internal procedures to assess member firm

    compliance with independence matters. These reviews

    include aspects of compliance related to non-audit services,

    business relationships with the companies we audit and

    financial relationships of member firms.

    Personal independence compliance testing

    Each year, the EY Global Independence team establishes a

    program for testing compliance with personal independence

    confirmation requirements and with reporting of

    information into GMS. For the 2018 testing cycle, EY

    Cyprus tested more than 8 partners and other personnel.

    Independence practices

    Failure to comply with applicable independence

    requirements will factor into decisions relating to a

    person’s promotion and compensation, and may lead

    to other disciplinary measures, including separation

    from EY Cyprus.

  • Transparency Report 2019: EY Cyprus 18

    Non-audit services

    We monitor compliance with professional standards, laws

    and regulations governing the provision of non-audit

    services to audit clients through a variety of mechanisms.

    These include the use of tools, such as PACE (see page 11)

    and Service Offering Reference Tool (SORT) (see below),

    and training and required procedures completed during the

    performance of audits and internal inspection processes.

    We also have a process in place for the review and approval

    of certain non-audit services in advance of accepting the


    Global independence learning

    EY develops and deploys a variety of independence learning

    programs. All professionals and certain other personnel are

    required to participate in annual independence learning to

    help maintain our independence from the companies we


    The annual independence learning program covers

    independence requirements focusing on recent changes to

    policy, as well as recurring themes and topics of

    importance. Timely completion of annual independence

    learning is required and is monitored closely.

    In addition to the annual learning program, independence

    awareness is promoted through a number of events and

    materials, including new-hire programs, milestone programs

    and core service line curricula.

    Service Offering Reference Tool (SORT)

    We assess and monitor our portfolio of services on an

    ongoing basis to confirm that they are permitted by

    professional standards, laws and regulations, and to make

    sure that we have the right methodologies, procedures and

    processes in place as new service offerings are developed.

    We restrict services from being provided that could present

    undue independence or other risks. SORT provides EY

    people with information about EY service offerings. It

    includes guidance around which services can be delivered to

    audit and non-audit clients, as well as independence and

    other risk management issues and considerations.

    Business Relationship Evaluation Tool (BRET)

    Our people are required to use BRET in many circumstances

    to identify, evaluate and obtain advance approval of a

    potential business relationship with an audit client, thereby

    supporting our compliance with independence


    Audit committees and oversight of independence

    We recognize that the important role audit committees and

    similar corporate governance bodies undertake in the

    oversight of auditor independence. Empowered and

    independent audit committees perform a vital role on behalf

    of shareholders in protecting independence and preventing

    conflicts of interest. We are committed to robust and

    regular communication with audit committees or those

    charged with governance. Through EY quality review

    programs, we monitor and test compliance with EY

    standards for audit committee communications, as well as

    the pre-approval of non-audit services, where applicable.

    The goal is to help EY people understand their

    responsibility and to enable each of them, and their

    member firms, to be free from interests that might be

    regarded as incompatible with objectivity, integrity

    and impartiality in serving an audit client.

  • Transparency Report 2019: EY Cyprus 19

    Professional development

    The continuous development of our people’s skills and

    knowledge is critical to achieving our purpose of enhancing

    confidence in the capital markets.

    Providing opportunities for the right experiences, learning

    and coaching helps them grow and achieve their potential at

    a variable pace of progression that suits them.

    The day-to-day experiences gained are assigned locally in a

    systematic way while the EY audit learning core curriculum

    is globally consistent. This is supported throughout by on-

    the-job coaching from more experienced professionals that

    helps to transform knowledge and experience into practice.

    Learning is delivered through the award-winning Audit

    Academy, which combines interactive classroom-based

    simulations and “on-demand” e-learning modules with

    relevant reinforcement and application support. This is

    supplemented by learning programs that are developed in

    response to changes in accounting and reporting standards,

    independence and professional standards, new technology

    and emerging practice issues.

    Where an EYG member firm audits and reviews

    International Financial Reporting Standards (IFRS) financial

    statements, relevant team members undertake learning to

    become IFRS-accredited.

    EY Cyprus requires our audit professionals to obtain at least

    21 hours of continuing professional education each year

    and at least 120 hours over a three-year period. Of these

    hours, 40% (8 hours each year and 48 hours over a three-

    year period) must cover technical subjects related to

    accounting and auditing.

    Knowledge and internal communications

    In addition to professional development and performance

    management, we understand the importance of providing

    client engagement teams with up-to-date information to

    help them perform their professional responsibilities. EY

    makes significant investments in knowledge and

    communication networks to enable the rapid dissemination

    of information to help people collaborate and share best

    practices. Some of our initiatives include:

    • EY Atlas, which includes local and international accounting and auditing standards, as well as interpretive guidance; replacement for Global Accounting and Auditing Information Tool (GAAIT) since the fiscal year 2017

    • Publications such as International GAAP, IFRS developments and illustrative financial statements

    • Global Accounting and Auditing News — weekly update covering assurance and independence policies, developments from standard setters and regulators, as well as internal commentary thereon

    • Practice alerts and webcasts covering a range of global and country-specific matters designed for continuous improvement in member firms’ Assurance practices

    Performance management

    LEAD is our forward-looking EY approach to people’s career,

    development and performance focusing on continuous

    feedback resulting in better conversations built around 90-

    day cycles. Feedback is aggregated and used as an input to

    compensation and reward programs.

    It is designed to support the growth and development of our

    people at all stages of their career at EY. An individual’s

    personal dashboard provides an easy to interpret snapshot

    of their performance against the Leadership at EY

    dimensions, and assessed performance against peers.

    LEAD retains components that were also included in the

    previous Performance Management and Development

    Process approach. Those were providing our people with

    clear work expectations and the opportunity to self-assess

    their performance. During the course of the year, every

    professional, in conjunction with their counselor, identifies

    opportunities for further development.

    Continuing education of audit professionals

  • Transparency Report 2019: EY Cyprus 20

    Financial information Revenue includes expenses billed to clients and revenues

    related to billings to other EYG member firms. Revenue

    amounts disclosed in this report include revenues from both

    audit and non-audit clients. Revenues reported for Cyprus

    comprise those of Ernst & Young Cyprus Limited; the other

    EY audit firms in Cyprus shown in Appendix 2 do not carry

    out audits or provide any professional services.

    Revenue is presented in accordance with Regulation (EU)

    537/2014 of the European Parliament and of the Council of

    16 April 2014 and included for:

    1. Revenues from the statutory audit of annual and consolidated financial statements of PIEs, and entities belonging to a group of undertakings whose parent undertaking is a PIE

    2. Revenues from the statutory audit of annual and consolidated financial statements of other entities

    3. Revenues from permitted non-audit services to entities that are audited by the statutory auditor or the audit firm

    4. Revenues from non-audit services to other entities

    Financial information for the year ended 30 June 2019, expressed in millions of Euro

    Revenue and remuneration

    Statutory audits and directly related services for PIEs

    Non-audit services provided to companies we audit

    Other audit services and directly related services for non-PIEs

    10,0 35,7%

    Total revenue 28,0 100%

    6,6 23,6%

    8,7 _31,1% Non-audit services provided to other entities

    Revenue Service Percent

    2,7 9,6%

  • Transparency Report 2019: EY Cyprus 21

    Partner remuneration Quality is at the center of the EY strategy and is a key

    component of EY performance management systems. EY

    Cyprus partners and other professionals are evaluated and

    compensated based on criteria that include specific quality

    and risk management indicators, covering both actions and


    LEAD for partners, principals, executive directors and

    directors (PPEDDs) applies to all partners in EYG member

    firms around the world. LEAD for PPEDDs reinforces the

    global business agenda by continuing to link performance to

    wider goals and values. The process includes goal setting,

    ongoing feedback, personal development planning and

    performance review, and is tied to partners’ recognition and

    reward. Documenting partners’ goals and performance is

    the cornerstone of the evaluation process. A partner’s goals

    are required to reflect various global priorities, one of which

    is quality.

    EY policies prohibit evaluating and compensating lead audit

    engagement partners and other key audit partners on an

    engagement based on the sale of non-Assurance services to

    companies they audit. This reinforces to our partners their

    professional obligation to maintain our independence and

    objectivity. For audits conducted in accordance with the

    requirements of Directive 2014/56/EU of the European

    Parliament and of the Council of 16 April 2014, EY

    prohibits evaluating and compensating any partner or

    professional involved in, or able to influence the carrying

    out of, an engagement based on the sale of non-Assurance

    services to their audit clients. This reinforces that

    professionals are obligated to maintain independence and


    Specific quality and risk performance measures have been

    developed to account for:

    • Providing technical excellence

    • Living the EY values as demonstrated by behaviors and attitude

    • Demonstrating knowledge of, and leadership in, quality and risk management

    • Complying with policies and procedures

    • Complying with laws, regulations and professional duties

    • Contributing to protecting and enhancing the EY brand

    The EY partner compensation philosophy calls for

    meaningfully differentiated rewards based on a partner’s

    level of performance, as measured within the context of

    LEAD. Partners are assessed by their firms annually on

    their performance in delivering quality, exceptional client

    service and people engagement alongside financial and

    market metrics.

    To recognize different market values for different skills and

    roles, and to attract and retain high-performing individuals,

    the following factors are also considered when we

    determine our partners’ total reward:

    • Experience

    • Role and responsibility

    • Long-term potential

    Instances of non-compliance with quality standards result in

    remedial actions, which may include compensation

    adjustment, additional training, additional supervision or

    reassignment. A pattern of non-compliance or particularly

    serious non-compliance may result in actions that include